XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Separating “YouTube Restricted Mode” from "Enable SafeSearch" feature

    Separating YouTube "Restricted Mode" from "Enforce Safe Search" option in XG Firewall would allow much more flexibility for customers.
    YouTube "Restricted Mode" is currently just too “restricted” (not usable) and customers should have possibility to turn it on or off without impact on SafeSearch.
    On the other side, SafeSearch is very useful feature that customers would probably have always on.

    97 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. Web or App categories for Office 365 and Suite

    Create New web category and application category for only Microsoft office 365 and Google business to make it easier to allow it directly without the need to create it manually

    18 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add "Top bandwidth users" and "Top bandwidth destinations"

    Can you add Top Bandwidth Users and Top Bandwidth Destinations to the dashboard or someplace easy to access?

    38 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Web: Blocking based on keywords in URLs

    Can you please add the ability to block based on keywords. This feature is extremely useful when attempting to sell to a school or charity, or any organization.

    This feature is available in SG UTM.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. XG Firewall allow only specific youtube channel

    As what I observe during our POC on client. They want to allow the specific channel of their own youtube account and block other sites. Other competitors of Sophos don't have any features also on to this.

    Purpose: users can access only their channel videos on youtube

    Thank you in advance Sophos Team!

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Download and scanning progress in batch mode

    In Batch scanning mode under Web>protection you don't see any Progress like with UTM.
    Please add this feature!

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. Guest access registration option on captive portal

    Please add guest access menu on captive portal like UTM 9

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. Captive Portal Session Timeout

    Bring back the captive portal session timeout like UTM 9, in XG if closing the window after login is the same as logout.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Pharming protection - Exception possibility

    it's not possible to create an exception on Pharming protection (Web --> Protection --> Advanced Settings).
    The default enabled function let you "Protect users against pharming and other domain name poisoning attacks by repeating DNS lookups before connecting."

    We were unable to get a vpn tool called "SSL network extender" working (to support a customer). The solution was to disable the Pharming protection completely.

    54 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. WEB: restrict proxy access between internal subnets

    Currently the web proxy allows you to access anything the Sophos can access. This means is you have multiple segments of trusted and untrusted traffic on the same XG that both the trusted and untrusted devices can access the content of each network using the proxy.

    Please make an option where hosts and subnets can be denied for specific filter rules.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Make Web Proxy User Notifications fully customizable

    Being able to fully customize the user notifications (displayed to the user when browsing blocked or warned pages, for example (PROTECT --> Web --> User Notifications --> Message for Warn Action )) is desirable, e.g for purposes of translating the pages. The possibility to use templates with variables would be greatly appreciated.

    35 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Allow regular expression matches on URLs in Web Policy

    The ability to be able to use regular expressions to match URLs in the Web Policy, not just in Web Exceptions.

    This was possible with SG UTM.

    43 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    6 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. WebSocket

    Websocket.

    IETF standard. Used by real-time comms on webpages.

    DESPERATELY needed. HTTPS Decrypt and Scan basically kills it. Please fix!

    43 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    9 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Inspection of QUIC traffic

    It appears that currently QUIC traffic (UDP port 80/443) are not categorized by the web filter. Users seem to be able to access YouTube and other Google sites without any of their traffic being inspected.

    28 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. True Network DLP

    DLP works quite well on Email but it is time to implement it even on Web. I would like to be able to know what my users are uploading to Cloud, DropBox and Webmail and decide to stop and log or log only. Also VPN client should be able to talk with XG and scan what users download from the company to their pc and block unauthorized content.

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Block Files Upload in Webmail

    The idea requested from client all the time form previes UTM firmware. Now XG has arrived with strong User and web singnature, I hope this feature is in your plan.
    Ideally, we should permit users to open a webmail (like Gmail.com or other public webmail or event Facebook, Dropbox, Onedrive, Google Drive)
    but i don't want to permit to attach file/upload file in a new mail on the webmail. In this way i can block a possible disclosure of corporate data. Thanks ---------- (BTZ shared this idea · October 16, 2013)

    26 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Device Specific Authentication

    UTM allows us to configure different web profiles where different device-specific authentication can be set.

    This is very useful in environment where BYOD is required and more than one profile is needed.
    So inherit from UTM.

    62 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Web Filter exceptions based on User Agent

    I believe this is related to an existing suggestion:
    http://feature.astaro.com/forums/330219-sophos-xg-firewall/suggestions/10944024-resolve-netflix-streaming-issue

    UTM customers are able to get around Netflix streaming issues using the workaround detailed here: https://www.sophos.com/support/knowledgebase/121646.aspx
    This involves creating an exception for traffic based on its User Agent. There is no option to do this when configuring exceptions in XG as far as I can tell.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. Multiple upstream web proxies

    Define multiple upstream HTTP proxies.

    Define URL-based policies to determine which proxy should be used, or whether traffic should go direct.

    Each proxy may require authentication.

    32 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Web Protection  ·  Flag idea as inappropriate…  ·  Admin →
1 3 Next →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.